ruflet_server 0.0.7 → 0.0.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 34a06b652824d1837a37bc693722bcaeea85ff0ce8be5e3ec6bd71a3535ea520
-  data.tar.gz: 8430980c8a035a0a5b9bb7c844469473018b1f51a8385207a1dca0902686a1da
+  metadata.gz: 89a4205a1319e0a391d06cd12012c51c57db414a4cc025b99a56304f25fa4c04
+  data.tar.gz: 65fe06aca8676dfc1411a3953276b44387ac3e3ae562e93a19757be0d72b6d82
 SHA512:
-  metadata.gz: 0b2d54fa5da1a3c653364d90fa40ae856504565ff98959b7bce46e696e4ae5997d8f46e356c64b6f850a2cefc587bb8ab11f56cd2b357015a93b1e089e9723ae
-  data.tar.gz: 64298fa102ecdcdb25c5829998f839511a1f22f78cda4608b5257a849a16d63bcb78b6efbb552e087587972316ecf2a6c525b1b75bfb2c9634cd4e4099936eb7
+  metadata.gz: 9c0c67700b28c5a95734fcfd4cb0c572214e5f9f71f3fe3d0d7c13546411f1cf4cf09f6ea460dad08b970f731865c4efd0f4d2427c22513aaa14e94d8dbfa86a
+  data.tar.gz: 41fed410cdafc664fe6d5c50f6261d78bbe08bf7148322f9011a437f078f78e1abf5f008aebd35fb7637b61e869832e7daf9694b8f3026a11e557da4a599b07f

data/lib/ruflet/server/web_socket_connection.rb

@@ -2,6 +2,9 @@
 
 module Ruflet
   class WebSocketConnection
+    # Ruflet control messages are small; anything much larger is invalid or hostile.
+    MAX_FRAME_PAYLOAD_BYTES = 16 * 1024 * 1024
+
     def initialize(socket)
       @socket = socket
       @write_mutex = Mutex.new
@@ -70,10 +73,20 @@ module Ruflet
       masked = (b2 & 0x80) != 0
       payload_len = b2 & 0x7f
 
-      payload_len = read_exact(2).unpack1("n") if payload_len == 126
-      payload_len = read_exact(8).unpack1("Q>") if payload_len == 127
+      if payload_len == 126
+        ext = read_exact(2)
+        return nil if ext.nil?
+        payload_len = ext.unpack1("n")
+      elsif payload_len == 127
+        ext = read_exact(8)
+        return nil if ext.nil?
+        payload_len = ext.unpack1("Q>")
+      end
+
+      return nil if payload_len.negative? || payload_len > MAX_FRAME_PAYLOAD_BYTES
 
       masking_key = masked ? read_exact(4) : nil
+      return nil if masked && masking_key.nil?
       payload = payload_len.zero? ? "".b : read_exact(payload_len)
       return nil if payload.nil?
 
@@ -112,6 +125,9 @@ module Ruflet
     end
 
     def read_exact(length)
+      return nil unless length.is_a?(Integer)
+      return nil if length.negative? || length > MAX_FRAME_PAYLOAD_BYTES
+
       chunk = +""
       chunk.force_encoding(Encoding::BINARY)
 
@@ -123,6 +139,8 @@ module Ruflet
       end
 
       chunk
+    rescue IOError, SystemCallError
+      nil
     end
   end
 end

data/lib/ruflet/server/wire_codec.rb

@@ -128,10 +128,23 @@ module Ruflet
         when 0xd9 then reader.read_string(reader.read_u8)
         when 0xda then reader.read_string(reader.read_u16)
         when 0xdb then reader.read_string(reader.read_u32)
+        when 0xc4 then reader.read_binary(reader.read_u8)
+        when 0xc5 then reader.read_binary(reader.read_u16)
+        when 0xc6 then reader.read_binary(reader.read_u32)
         when 0xdc then read_array(reader, reader.read_u16)
         when 0xdd then read_array(reader, reader.read_u32)
         when 0xde then read_map(reader, reader.read_u16)
         when 0xdf then read_map(reader, reader.read_u32)
+        when 0xd4
+          read_ext(reader, 1)
+        when 0xd5
+          read_ext(reader, 2)
+        when 0xd6
+          read_ext(reader, 4)
+        when 0xd7
+          read_ext(reader, 8)
+        when 0xd8
+          read_ext(reader, 16)
         when 0xc7
           read_ext(reader, reader.read_u8)
         when 0xc8
@@ -231,6 +244,10 @@ module Ruflet
       def read_string(size)
         read_exact(size).force_encoding("UTF-8")
       end
+
+      def read_binary(size)
+        read_exact(size)
+      end
     end
   end
 end

data/lib/ruflet/server.rb

@@ -4,7 +4,7 @@ require "digest/sha1"
 require "socket"
 require "thread"
 
-require "ruflet"
+require "ruflet_core"
 require_relative "server/wire_codec"
 require_relative "server/web_socket_connection"
 
@@ -170,6 +170,8 @@ module Ruflet
     rescue IOError, Errno::EBADF
       nil
     rescue StandardError => e
+      return nil unless @running && @server_socket
+
       warn "accept error: #{e.class}: #{e.message}"
       warn e.backtrace.join("\n") if e.backtrace
       nil
@@ -186,6 +188,8 @@ module Ruflet
       ws = nil
       begin
         path, headers = read_http_upgrade_request(socket)
+        return if path.nil?
+
         if websocket_upgrade_request?(path, headers)
           send_handshake_response(socket, headers["sec-websocket-key"])
           ws = Ruflet::WebSocketConnection.new(socket)
@@ -194,6 +198,8 @@ module Ruflet
           handle_http_request(socket, path)
         end
       rescue StandardError => e
+        return if disconnect_error?(e)
+
         warn "server error: #{e.class}: #{e.message}"
         warn e.backtrace.join("\n") if e.backtrace
         send_message(ws, Protocol::ACTIONS[:session_crashed], { "message" => e.message.to_s.dup.force_encoding("UTF-8") }) if ws
@@ -209,6 +215,8 @@ module Ruflet
         handle_message(ws, raw)
       end
     rescue StandardError => e
+      return if disconnect_error?(e)
+
       warn "server error: #{e.class}: #{e.message}"
       warn e.backtrace.join("\n") if e.backtrace
       send_message(ws, Protocol::ACTIONS[:session_crashed], { "message" => e.message.to_s.dup.force_encoding("UTF-8") })
@@ -224,10 +232,12 @@ module Ruflet
 
     def read_http_upgrade_request(socket)
       request_line = socket.gets("\r\n")
-      raise "Invalid HTTP request" if request_line.nil?
+      return [nil, {}] if request_line.nil?
+      return [nil, {}] unless request_line.include?(" ")
 
       method, path, _version = request_line.strip.split(" ", 3)
-      raise "Unsupported HTTP method: #{method}" unless method == "GET"
+      return [nil, {}] unless method == "GET"
+      return [nil, {}] if path.to_s.empty?
 
       headers = {}
       loop do
@@ -509,10 +519,30 @@ module Ruflet
     end
 
     def send_message(ws, action, payload)
+      return if ws.nil? || ws.closed?
+
       message = [action, payload]
       ws.send_binary(Ruflet::WireCodec.pack(message))
     rescue StandardError => e
-      warn "send error: #{e.class}: #{e.message}"
+      unless disconnect_error?(e)
+        warn "send error: #{e.class}: #{e.message}"
+      end
+      remove_session(ws)
+      unregister_connection(ws)
+      ws&.close
+    end
+
+    def disconnect_error?(error)
+      return true if error.is_a?(IOError)
+      return true if error.is_a?(Errno::EPIPE)
+      return true if error.is_a?(Errno::ECONNRESET)
+      return true if error.is_a?(Errno::ECONNABORTED)
+      return true if error.is_a?(Errno::ENOTCONN)
+      return true if error.is_a?(Errno::ESHUTDOWN)
+      return true if error.is_a?(Errno::EBADF)
+      return true if error.is_a?(Errno::EINVAL)
+
+      false
     end
 
     def pseudo_uuid

data/lib/ruflet/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Ruflet
-  VERSION = "0.0.7" unless const_defined?(:VERSION)
+  VERSION = "0.0.9" unless const_defined?(:VERSION)
 end

data/lib/ruflet_server.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require "ruflet"
+require "ruflet_core"
 require_relative "ruflet/server"
 
 module Ruflet

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruflet_server
 version: !ruby/object:Gem::Version
-  version: 0.0.7
+  version: 0.0.9
 platform: ruby
 authors:
 - AdamMusa
@@ -10,19 +10,19 @@ cert_chain: []
 date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: ruflet
+  name: ruflet_core
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.7
+        version: 0.0.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.7
+        version: 0.0.9
 description: Ruflet WebSocket server runtime compatible with Flet protocol.
 email:
 - adammusa2222@gmail.com